version: 1
-Date: 14 March 2016
+Date: 15 March 2016
Author: José Bollo
The main path for applivcations are: APPDIR/PKGID/VER.
+This document describes what we intend to do. It may happen that our +current implementation and the content of this document differ.
-Where:
+In case of differences, it is assumed that this document is right +and the implementation is wrong.
+ + +The daemon afm-system-daemon is in charge of installing +applications on the system. Its main tasks are:
installs the applications and setup the security framework +to include it
uninstall the applications
This organisation has the advantage to allow several versions to leave together. -This is needed for some good reasons (rolling back) and also for less good reasons (user habits).
+The afm-system-daemon takes its orders from the system +instance of D-Bus.
+ +The figure below summarizes the situation of the +afm-system-daemon in the system.
+ ++------------------------------------------------------------+
+| User |
+| |
+| +-------------------------------------------------+ |
+| | | |
+| | afm-user-daemon | |
+| | | |
+| +----------+----------------------+----------+----+ |
+| | | : |
+| | | : |
+:================|======================|==========:=========:
+| | | : |
+| +----------+----------+ +-----+-----+ : |
+| | D-Bus system +-----+ CYNARA | : |
+| +----------+----------+ +-----+-----+ : |
+| | | : |
+| +----------+---------+ +-------+----------+----+ |
+| | afm-system-daemon +----+ SECURITY-MANAGER | |
+| +--------------------+ +-----------------------+ |
+| |
+| System |
++------------------------------------------------------------+
+afm-system-daemon is launched as a systemd service +attached to system. Normally, the service file is +located at /lib/systemd/system/afm-system-daemon.service.
+ +The options for launching afm-system-daemon are:
+ +-r
+--root directory
-
-Identity of installed files
+ Set the root application directory.
-All the files are installed as the user “userapp” and group “userapp”.
-All files have rw(x) for user and r-(x) for group and others.
+ Note that the default root directory is defined
+ to be /usr/share/afm/applications (may change).
-This allows any user to read the files.
+-d
+--daemon
-
-Labelling the directories of applications
+ Daemonizes the process. It is not needed by sytemd.
-
-Organisation of data
+-q
+--quiet
-The data of a user are in its directory and are labelled using the labels of the application
+ Reduces the verbosity (can be repeated).
-
-Setting Smack rules for the application
+-v
+--verbose
-For Tizen, the following rules are set by the security manager for each application.
+ Increases the verbosity (can be repeated).
-System ~APP~ rwx
-System ~PKG~ rwxat
-System ~PKG~::RO rwxat
-~APP~ System wx
-~APP~ System::Shared rxl
-~APP~ System::Run rwxat
-~APP~ System::Log rwxa
-~APP~ _ l
-User ~APP~ rwx
-User ~PKG~ rwxat
-User ~PKG~::RO rwxat
-~APP~ User wx
-~APP~ User::Home rxl
-~APP~ User::App::Shared rwxat
-~APP~ ~PKG~ rwxat
-~APP~ ~PKG~::RO rxl
+-h
+--help
+
+ Prints a short help.
-Here, ~PKG~ is the identifier of the package and ~APP~ is the identifier of the application.
+
+The D-Bus interface
+
+
+Overview of the dbus interface
+
+afm-system-daemon takes its orders from the session instance
+of D-Bus. The use of D-Bus is great because it allows to implement
+discovery and signaling.
+
+The afm-system-daemon is listening with the destination name
+org.AGL.afm.system at the object of path /org/AGL/afm/system
+on the interface org.AGL.afm.system for the below detailed
+members install and uninstall.
+
+D-Bus is mainly used for signaling and discovery. Its optimized
+typed protocol is not used except for transmitting only one string
+in both directions.
+
+The client and the service are using JSON serialisation to
+exchange data.
+
+The D-Bus interface is defined by:
+
+
+DESTINATION: org.AGL.afm.system
PATH: /org/AGL/afm/system
INTERFACE: org.AGL.afm.system
+
+
+The signature of any member of the interface is string -> string
+for JSON -> JSON.
+
+This is the normal case. In case of error, the current implmentation
+returns a dbus error that is a string.
+
+Here is an example that use dbus-send to query data on
+installed applications.
+
+dbus-send --session --print-reply \
+ --dest=org.AGL.afm.system \
+ /org/AGL/afm/system \
+ org.AGL.afm.system.install 'string:"/tmp/appli.wgt"'
+
+
+
+The protocol over D-Bus
+
+
+
+
+Method org.AGL.afm.system.install
+
+Description: Install an application from its widget file.
-
-What user can run an application?
+If an application of the same id and version exists, it is not
+reinstalled except if force=true.
+
+Applications are installed in the subdirectories of the common directory
+of applications.
+If root is specified, the application is installed under the
+sub-directories of the root defined.
+
+Note that this methods is a simple accessor to the method
+org.AGL.afm.system.install of afm-system-daemon.
+
+After the installation and before returning to the sender,
+afm-system-daemon sends the signal org.AGL.afm.system.changed.
+
+Input: The path of the widget file to install and, optionaly,
+a flag to force reinstallation, and, optionaly, a root directory.
+
+Either just a string being the absolute path of the widget file:
+
+"/a/path/driving/to/the/widget"
+
+
+Or an object:
+
+{
+ "wgt": "/a/path/to/the/widget",
+ "force": false,
+ "root": "/a/path/to/the/root"
+}
+
+
+“wgt” and “root” must be absolute paths.
+
+output: An object with the field “added” being the string for
+the id of the added application.
+
+{"added":"appli@x.y"}
+
+
+
+
+
+Method org.AGL.afm.system.uninstall
+
+Description: Uninstall an application from its id.
+
+Note that this methods is a simple accessor to the method
+org.AGL.afm.system.uninstall of afm-system-daemon.
+
+After the uninstallation and before returning to the sender,
+afm-system-daemon sends the signal org.AGL.afm.system.changed.
+
+Input: the id of the application and, otpionaly, the path to
+root of the application.
+
+Either a string:
+
+"appli@x.y"
+
+
+Or an object:
+
+{
+ "id": "appli@x.y",
+ "root": "/a/path/to/the/root"
+}
+
-Not all user are able to run all applications.
-How to manage that?
+output: the value ‘true’.